From 4eb2df671491fb4d57c01330558b51a7907b9911 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Mon, 22 Apr 2024 23:51:53 +0000 Subject: [PATCH] Trust the Windows crates published by Microsoft As with our `cargo-vet` usage in `zcash/zcash`, these are binary crates for interacting with Windows APIs, so both sides are maintained by Microsoft and are not something we can audit ourselves. --- supply-chain/audits.toml | 54 +++++++++++++++++++++++++++++++++ supply-chain/config.toml | 36 ---------------------- supply-chain/imports.lock | 63 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 117 insertions(+), 36 deletions(-) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index f1536f6d1..4a1f0b017 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -81,6 +81,60 @@ user-id = 169181 # Kris Nuttycombe (nuttycom) start = "2022-12-15" end = "2025-04-22" +[[trusted.windows-sys]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-11-15" +end = "2025-04-22" + +[[trusted.windows-targets]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-09" +end = "2025-04-22" + +[[trusted.windows_aarch64_gnullvm]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-01" +end = "2025-04-22" + +[[trusted.windows_aarch64_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-11-05" +end = "2025-04-22" + +[[trusted.windows_i686_gnu]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-28" +end = "2025-04-22" + +[[trusted.windows_i686_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-27" +end = "2025-04-22" + +[[trusted.windows_x86_64_gnu]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-28" +end = "2025-04-22" + +[[trusted.windows_x86_64_gnullvm]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-01" +end = "2025-04-22" + +[[trusted.windows_x86_64_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-27" +end = "2025-04-22" + [[trusted.zcash_address]] criteria = "safe-to-deploy" user-id = 1244 # ebfull diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 766d009aa..9166f8dff 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -1170,42 +1170,6 @@ criteria = "safe-to-run" version = "0.4.0" criteria = "safe-to-deploy" -[[exemptions.windows-sys]] -version = "0.48.0" -criteria = "safe-to-deploy" - -[[exemptions.windows-targets]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_aarch64_gnullvm]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_aarch64_msvc]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_i686_gnu]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_i686_msvc]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_x86_64_gnu]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_x86_64_gnullvm]] -version = "0.48.5" -criteria = "safe-to-deploy" - -[[exemptions.windows_x86_64_msvc]] -version = "0.48.5" -criteria = "safe-to-deploy" - [[exemptions.wyz]] version = "0.5.1" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 9710809cf..9b09cc4c9 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -58,6 +58,69 @@ user-id = 169181 user-login = "nuttycom" user-name = "Kris Nuttycombe" +[[publisher.windows-sys]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-targets]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_gnullvm]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_msvc]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_gnu]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_msvc]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnu]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnullvm]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_msvc]] +version = "0.48.5" +when = "2023-08-18" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + [[publisher.zcash_address]] version = "0.3.2" when = "2024-03-06"